SAML Single Sign-On
You can enable single sign-on (SSO) capability so that users can access their Informatica Cloud organization without the need to enter login information.
Single sign-on to Informatica Cloud is based on the Security Assertion Markup Language (SAML) 2.0 web browser single sign-on profile. The SAML web browser single sign-on profile consists of the following entities:
- Identity provider. An entity that handles authentication through the use of security tokens.
- Service provider. An entity that provides web services to principals, for example, an entity that hosts web applications. Informatica Cloud is a service provider.
- Principal. An end user who interacts through an HTTP user agent.
SAML 2.0 is an XML-based protocol that uses security tokens that contain assertions to pass information about a principal between an identity provider and a service provider. An assertion is a package of information that supplies statements made by a SAML authority.
When a user enters the Informatica Cloud single sign-on URL in a browser, the following process begins:
1. Informatica Cloud sends a SAML authentication request to the organization's identity provider.
2. The identity provider confirms the user's identity and sends a SAML authentication response to Informatica Cloud.
3. When Informatica Cloud receives the SAML authentication response from the identity provider, Informatica Cloud establishes the user session and logs the user into Informatica Cloud.
4. When a user logs out of Informatica Cloud or the session times out, Informatica Cloud sends a SAML logout request to the identity provider.
5. The identity provider terminates the user session on the identity provider side.
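The request and response exchange in steps 1 to 3, as an added example that is not Informatica's code and goes beyond the text above: a service provider issues an AuthnRequest with a random ID and later accepts a response only if it answers that request, reports success, is inside its validity window and names this service provider as the audience. The entity ID, user name and unsigned sample response are constructed; XML signature verification, which a real service provider performs before trusting any of these fields, is left out because it needs an XML-DSig library.

```python
import uuid
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

P = "urn:oasis:names:tc:SAML:2.0:protocol"
A = "urn:oasis:names:tc:SAML:2.0:assertion"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
NS = {"samlp": P, "saml": A}
SP_ENTITY_ID = "https://sp.example.test/saml"  # hypothetical service provider ID
TS = "%Y-%m-%dT%H:%M:%SZ"

def build_authn_request(now):
    """Step 1: the service provider issues an AuthnRequest with a fresh random ID."""
    req_id = "_" + uuid.uuid4().hex
    return req_id, (f'<samlp:AuthnRequest xmlns:samlp="{P}" xmlns:saml="{A}" '
                    f'ID="{req_id}" Version="2.0" IssueInstant="{now.strftime(TS)}">'
                    f'<saml:Issuer>{SP_ENTITY_ID}</saml:Issuer></samlp:AuthnRequest>')

def sample_response(req_id, audience, now):
    """Constructed, unsigned stand-in for the identity provider's reply (step 2)."""
    nb, na = now.strftime(TS), (now + timedelta(minutes=5)).strftime(TS)
    return (f'<samlp:Response xmlns:samlp="{P}" xmlns:saml="{A}" InResponseTo="{req_id}">'
            f'<samlp:Status><samlp:StatusCode Value="{SUCCESS}"/></samlp:Status>'
            f'<saml:Assertion><saml:Subject><saml:NameID>alice@example.test</saml:NameID>'
            f'</saml:Subject><saml:Conditions NotBefore="{nb}" NotOnOrAfter="{na}">'
            f'<saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>'
            f'</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>')

def check_response(xml, expected_req_id, now):
    """Step 3: checks made before a session is created. Returns NameID or raises."""
    root = ET.fromstring(xml)
    if root.get("InResponseTo") != expected_req_id:
        raise ValueError("response does not answer the pending request")
    code = root.find("samlp:Status/samlp:StatusCode", NS)
    if code is None or code.get("Value") != SUCCESS:
        raise ValueError("identity provider did not report success")
    cond = root.find("saml:Assertion/saml:Conditions", NS)
    if cond is None:
        raise ValueError("assertion has no Conditions")
    # A missing timestamp attribute parses as "" and raises ValueError as well.
    start, end = (datetime.strptime(cond.get(k, ""), TS).replace(tzinfo=timezone.utc)
                  for k in ("NotBefore", "NotOnOrAfter"))
    if not start <= now < end:
        raise ValueError("assertion outside its validity window")
    if cond.findtext("saml:AudienceRestriction/saml:Audience", namespaces=NS) != SP_ENTITY_ID:
        raise ValueError("assertion issued for a different service provider")
    return root.findtext("saml:Assertion/saml:Subject/saml:NameID", namespaces=NS)
```

The service provider keeps `req_id` with the pending login and passes it to `check_response` when the browser returns with the identity provider's response.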
You can find more information about SAML on the OASIS website:
https://www.oasis-open.org